Skip to content

Dirty Attack Over Hundreds Of WordPress Blogs

April 11, 2010

The Exploited Security Hole Not Yet Identified

Hundreds of WordPress-powered blog owners have recently found their websites inaccessible after a critical value has been altered in the database. The attack seems to affect even the latest version of the popular blog platform and, so far, the security hole has not been determined.

Sucuri Security Labs, a provider of Web-based integrity monitoring, reports that a worrying number of blogs were compromised the last week, in an attempt to silently redirect visitors to a malicious URL loading exploits. According to the company, most of the affected sites are hosted at Network Solutions.

The common symptom of the hack is an altered “siteurl” value in the “wp_options” database table. This variable should normally contain the main URL of the website.

Since “siteurl” is not supposed to hold HTML code, this modification breaks the entire blog layout and prevents users and admins alike from reaching the website. The unusual technique suggests that the attackers are amateurs and not particularly familiar with the intricacies of the WordPress platform.

Another interesting aspect is that no one has successfully pinpointed the entry point used by the attackers, which could be either an unidentified security hole in WordPress or a common plug-in. “The only way for the database to be modified like that is via SQL injection or a bigger problem inside Network Solutions databases,.

Read This Article:
How To updgrade Worpress to WordPress 3.1 Beta

Comments are closed.

%d bloggers like this: